Subil M. Abraham

Enhancing Web services availability

Little work has been reported on highly available Web services which are essential for mission critical applications. In this paper we propose architecture for highly available Web services for mission critical applications. The central idea is the enhancement of Web services by the introduction of a central hub to increase the availability of Web services

Exploitability analysis using predictive cybersecurity framework

Managing Security is a complex process and existing research in the field of cybersecurity metrics provide limited insight into understanding the impact attacks have on the overall security goals of an enterprise. We need a new generation of metrics that can enable enterprises to react even faster in order to properly protect mission-critical systems in the midst of both undiscovered and disclosed vulnerabilities. In this paper, we propose a practical and predictive security model for exploitability analysis in a networking environment using stochastic modeling. Our model is built upon the trusted CVSS Exploitability framework and we analyze how the atomic attributes namely Access Complexity, Access Vector and Authentication that make up the exploitability score evolve over a specific time period. We formally define a nonhomogeneous Markov model which incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate. The daily transition-probability matrices in our study are estimated using a combination of Freis model & Alhazmi Malaiyas Logistic model. An exploitability analysis is conducted to show the feasibility and effectiveness of our proposed approach. Our approach enables enterprises to apply analytics using a predictive cyber security model to improve decision making and reduce risk.

A Novel Architecture for Predictive CyberSecurity Using Non-homogenous Markov Models

Evaluating the security of an enterprise is an important step towards securing its system and resources. However existing research provide limited insight into understanding the impact attacks have on the overall security goals of an enterprise. We still lack effective techniques to accurately measure the predictive security risk of an enterprise taking into account the dynamic attributes associated with vulnerabilities that can change over time. It is therefore critical to establish an effective cyber-security analytics strategy to minimize risk and protect critical infrastructure from external threats before it even starts. In this paper we present an integrated view of security for computer networks within an enterprise, understanding threats and vulnerabilities, performing analysis to evaluate the current as well as future security situation of an enterprise to address potential situations. We formally define a non-homogeneous Markov model for quantitative security evaluation using Attack Graphs which incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate to help visualize the future security state of the network leading to actionable knowledge and insight. We present experimental results from applying this model on a sample network to demonstrate the practicality of our approach.

Comparative analysis and patch optimization using the cyber security analytics framework

Dependable metrics are one of the critical elements of an organization’s information security program and are crucial for its long-term success. Current research in the area of enterprise security metrics provides limited insight on understanding the impact that attacks have on the overall security goals of an enterprise as well as predicting the future security state of the network. In this paper we present a novel security analytics framework that takes into account both the inter-relationship between different vulnerabilities and the temporal features that evolve over time, such as the vulnerability discovery rate and the lifecycle events. We then formally define a non-homogenous stochastic model that incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate, to help visualize the future security state of the network leading to actionable knowledge and insight. We will perform a comparative analysis and also describe the patch optimization methodology by applying this model on a sample network to demonstrate the practicality of our approach.

State Machine-Based Security Fusion for Resource-Constrained Environments

A growing range of devices has difficulty in implementing strong cryptographic algorithms. Radio frequency IDs and sensors, for instance, generally lack the processing power and memory to perform these operations in an efficient and timely manner. Recently, a new paradigm in security, called security fusion, was introduced for resource-constrained environments. In this approach, strong security properties are synthesized from weaker point-to-point properties, thereby minimizing the resource requirements at each node without compromising system-level security. In this paper, we describe a state machine-based architecture and pertinent protocols to realize security fusion. Furthermore, we analyze these protocols for their security capabilities.